This is not the blog post that I was going to publish today.
I had a great article ready to rock, recapping questions that advisors have asked me recently regarding LinkedIn – how to go beyond just having a personal profile, and how to use LinkedIn for branding, networking, and business development.
However, at 4:00 a.m., I realized that I had a problem. After getting my crying two-year old settled back to sleep (in his own bed!), I checked my phone and saw a message from a Twitter connection, asking if my account had been hacked – my worst nightmare.
Once I logged in, I literally saw hundreds of direct messages, apparently sent by me (agh!) to my followers containing somewhat believable text and a hyperlink to who-knows-where. The nightmare settled right in my stomach. What should I do? How could I fix the situation at hand?
After a frantic morning, I think that I have it sorted out, and thankfully, it wasn’t a hacker after all. However, this experience led me to ask – would you know what to do in this situation?
7 actions to take immediately
If something were to go awry with your Twitter (or other social media) account, here are some of the key steps that I took this morning to get my account back on track that hopefully will not come in handy for you one day:
- Diagnose what is wrong: Today, I wanted to sort out what had happened – was my account really taken over? I thought long and hard about when the last time I used my account was, and whether or not I had clicked on any strange links. Sure enough, I remembered clicking on a link that didn’t really seem to go anywhere. It also resembled the messages now being spewed by my account. It must be the culprit.
- Change Your Password: First and foremost, change your account password. Severing this connection will almost surely stop whoever has access to your account from sending out more spam. And although it might be more difficult to remember than your cat’s name, it’s best to make it a complex combination of upper/lower case letters AND numbers.
- Delete Messages: Since the messages were sent by “me,” I was able to go to my Twitter feed, and individually delete all of the messages. This will help prevent your followers from accidentally clicking on the link. Also, as said on Mashable, it also shows your followers that you’ve taken steps to deal with the problem.
- Review App Access: The other steps so far are pretty self-explanatory; however, in researching what additional steps you can take in Twitter to identify spammers and hackers, you can look at the third party “Apps.” To find out what applications are connected to your account, go to “Settings” – the gear at the top-right of the page, and then Apps. Luckily, all of the Apps associated with my account were meant to be there (and include social media management, archiving and measurement). Alternatively, you can go to https://twitter.com/settings/applications while logged into your Twitter account.
- Alert your followers: You might be afraid to “send” any new messages, however, tweeting out a short note lets your followers know that you are aware of the situation and being proactive about solving it:
6. Communicate to your compliance department: Since your compliance department archives and reviews your communications, it’s important to make sure that they are aware of the messages and confirm that your archiving platform is still in place.
7. Review (or update or create) your social media response plan: Are all of these steps included in your firm’s social media response plan? If not, it might be time for an update. Also, advisory firm response plans also go beyond just social media – how would you address a big change in the market, a client data breach, and more? Formalize the processes in your office to ensure that you can focus on the emergency at hand – not what you have to do to address it.
Even though I had the unfortunate experience of sending a virus to hundreds of my Twitter followers, I feel like it was a big learning opportunity – and hopefully it has you thinking.